CVE-2025-64120

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Nuvation Energy Multi-Stack Controller MSC allows OS Command Injection.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...

CVE-2025-64123 Nuvation Energy Multi-Stack Controller Proxy service allows arbitrary BMS access

Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Network Boundary Bridging.This issue affects Multi-Stack Controller MSC: through and including release 2.5.1...

CVE-2025-64122

CVE-2025-64122 describes an Insufficiently Protected Credentials vulnerability in the Nuvation Energy Multi-Stack Controller (MSC) that enables Signature Spoofing via Key Theft. Affected product: MSC versions up to and including 2.5.1. Root cause and impact are limited to credentials protection a...

CVE-2025-64122 Nuvation Energy Multi-Stack Controller Private Key Stored on Device

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...

CVE-2025-64121 Nuvation Energy Multi-Stack Controller Authentication Bypass

Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Authentication Bypass.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...

CVE-2025-64121 Nuvation Energy Multi-Stack Controller Authentication Bypass

Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Authentication Bypass.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...

CVE-2025-64121

CVE-2025-64121 covers an authentication bypass in the Nuvation Energy Multi-Stack Controller (MSC). Vendor‑documented details indicate impact on MSC versions from 2.3.8 up to, but not including, 2.5.1, with the root cause described as an Authentication Bypass via an alternate path or channel. The...

CVE-2025-64120 Nuvation Energy Multi-Stack Controller OS Command Injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Nuvation Energy Multi-Stack Controller MSC allows OS Command Injection.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...

CVE-2025-64120 Nuvation Energy Multi-Stack Controller OS Command Injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Nuvation Energy Multi-Stack Controller MSC allows OS Command Injection.This issue affects Multi-Stack Controller MSC: from 2.3.8 before 2.5.1...

PT-2026-1135

Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller versions 2.3.8 through 2.5.0 Description A flaw exists in Nuvation Energy Multi-Stack Controller that allows for OS Command Injection. This issue could allow an attacker to execute arbitrary commands on t...

PT-2026-1137

Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions through 2.5.1 Description A weakness exists in the Nuvation Energy Multi-Stack Controller MSC that allows Signature Spoofing by Key Theft due to insufficiently protected credentials. This cou...

Nuvation Energy Multi-Stack Controller 安全漏洞

The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller versions 2.3.8 through prior to 2.5.1, which stems from the use of an alternate path or channel to bypas...

Nuvation Energy Multi-Stack Controller 安全漏洞

The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller MSC versions 2.3.8 through prior to 2.5.1, which stems from improper neutralization of a special element...

PT-2026-1136

Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions 2.3.8 through 2.5.0 Description An authentication bypass issue exists in Nuvation Energy Multi-Stack Controller MSC. This allows unauthenticated attackers to gain full control. The issue...

Nuvation Energy Multi-Stack Controller 安全漏洞

The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller version 2.5.1 and prior versions, which stems from insufficient credential protection and could lead to...

Nuvation Energy Multi-Stack Controller 安全漏洞

The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller version 2.5.1 and earlier, which stems from the presence of an unintended proxy or intermediary that cou...

PT-2026-1138

Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions through 2.5.1 Nuvation Energy nCloud VPN Service affected versions not specified Description An issue involving Network Boundary Bridging exists in Nuvation Energy nCloud VPN Service and...